Code Review / netconf.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 647dd26)
Fix unsafe global config access 86/82186/1
authorRobert Varga <robert.varga@pantheon.tech>
Tue, 21 May 2019 11:27:02 +0000 (13:27 +0200)
committerRobert Varga <nite@hq.sk>
Tue, 21 May 2019 11:32:07 +0000 (11:32 +0000)
Current global config is a volatile variable, hence it must be
acquired into a local variable for proper nullness checks --
otherwise it is open to TOCTOU race conditions leading to NPEs.

Change-Id: I9316b3ed976575726da7a065668c507e15fe0ddf
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java patch | blob | history

diff --git a/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java b/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java
index f6af5e41f8145b661ceb6c5335630effbff3658c..840dca1ffdee9baea59490135af263efb92a3541 100644 (file)
--- a/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java
+++ b/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java
@@ -236,7 +236,6 @@ public class CallHomeAuthProviderImpl implements CallHomeAuthorizationProvider,
     }
 
     private static class GlobalConfig implements DataTreeChangeListener<Global> {
-
         private volatile Global current = null;
 
         @Override
@@ -247,15 +246,14 @@ public class CallHomeAuthProviderImpl implements CallHomeAuthorizationProvider,
         }
 
         boolean allowedUnknownKeys() {
-            if (current == null) {
-                return false;
-            }
+            final Global local = current;
             // Deal with null values.
-            return Boolean.TRUE.equals(current.isAcceptAllSshKeys());
+            return local != null && Boolean.TRUE.equals(local.isAcceptAllSshKeys());
         }
 
         Credentials getCredentials() {
-            return current != null ? current.getCredentials() : null;
+            final Global local = current;
+            return local != null ? local.getCredentials() : null;
         }
     }
 }
Netconf